PredictiveHire Pty Ltd, PredictiveHire Limited and our related entities (“we”, “us” or “our”) are committed to protecting personal data from being misused, getting into the wrong hands as a result of poor security or being shared carelessly, or being inaccurate.
This includes protecting the data that we collect and store for the purpose of providing an applicant prediction.
This Data Security Policy (“Policy”) sets out:
1.how we secure data and personal information that we use, collect and process in the course of making available the services provided or made available by ust (“Services”); and
1.the online platform managed by us and used by us to provide the Services (“Platform”).
We may vary this Policy at any time by placing a notice on our website available at www.predictivehire.com . If you access the SaaS Platform and/or use the Services, your access and/or use will constitute acceptance of the terms of this Policy.
Our data security features, practices and procedures are designed to prevent the misuse, loss or unauthorised access of data and personal information and to detect and respond to any data security breaches in a timely and appropriate manner.
PredictiveHire has extensive security features and procedures relating to its technology usage:
Physical security measures at the PredictiveHire offices include:
The PredictiveHire Platform is hosted on Amazon Web Services (AWS) Infrastructure. AWS manage the physical security of their buildings, they employ industry standard protections. More information from AWS can be found here.
PredictiveHire maintains and continues to update its protections to prevent misuse, interference, loss, unauthorised access, modification and disclosure of the data stored on the Platform or used in the Services.
PredictiveHire utilise a multi-tenant Platform which means your data it will be virtually separated from other partner data. If this is is not sufficient then we can discuss alternative options.
All data stored on the PredictiveHire Platform is encrypted and access to PredictiveHire infrastructure is tightly controlled via the engineering team.
PredictiveHire monitors the operations and effectiveness of its online Platform security to ensure they remain responsive to changing threats and vulnerabilities. As part of this threat assessment we conduct regular 3rd party penetration testing of the PredictiveHire Platform.
Key metrics of production systems and the operational health of the PredictiveHire Platform is monitored 24×7 and tiered with on-call teams and escalation procedures. These metrics cover networks, backups, uptime and security points, as well as product specific data including integration availability, uptime and integrity.
PredictiveHire is aware that the Service and the Platform may be accessed via different mechanisms including smartphones, tablets, laptops, server to server and through different networks. We are aware that this increased accessibility also increases security risks and we have in place a number of security features to protect security of our data in all these circumstances including the encryption of all data transferred over open networks.
We restrict access to all PredictiveHire infrastructure to only those employees with a need to access. All infrastructure is protected via a VPN and PredictiveHire employs role-based permissioning.
Any data transferred by us with, or between, third parties is either by email, FTP or other mechanisms is encrypted.
We have access control policies in place to prevent data being inadvertently or otherwise accessed by, or transferred to, third parties. PredictiveHire requires that all of our third party vendors abide by our confidentiality and security measures, and obey similar controls.
All customer passwords associated with user accounts to the Platform are stored encrypted and hashed.
We have a comprehensive data breach and recovery plan, which is managed directly by our CEO.
PredictiveHire will advise all relevant third parties of any security or data breach in accordance with applicable legal requirements.
We may share a high level summary of the incident timeline, data impact and resolution taken once confidence has formed around scope, impact and resolution.
Data is only collected via or stored on the PredictiveHire Platform in order to provide a prediction for a job vacancy. Personal information will be maintained for future applications. At anytime an applicant can request that their personal data is updated (made correct) or removed from the Platform.
PredictiveHire uses a Pseudonymization approach so as to maintain the integrity of its prediction models. This means all personal information will be removed from an assessment.
Assessment results and associated performance data will be maintained without any association to an individual, the handling / destruction of this data will be noted in your contract with PredictiveHire. No personally identifiable data is stored within our prediction models.
All of our employees are required, from time to time, to undertake data security policy and procedures training to a level which is appropriate for their position.
In addition engineers are also trained on security paradigms such as OWASP which are integrated into our day to day operations.
If you have any questions or concerns about this Policy or the security of your personal information, please contact our Privacy Officer via firstname.lastname@example.org.
Get our insights newsletter to stay in the loop on how we are evolving PredictiveHire